Weekly Threat Intelligence Summary
Top 10 General Cyber Threats
Generated 2026-01-26T05:00:04.613644+00:00
- Under Armour ransomware breach: data of 72 million customers appears on the dark web (www.malwarebytes.com, 2026-01-22T12:02:27)
Score: 8.582
Customer data allegedly stolen during a ransomware attack on sportswear giant Under Armour is now circulating on the dark web.
- New ransomware tactics to watch out for in 2026 (www.recordedfuture.com, 2026-01-05T00:00:00)
Score: 7.965
Ransomware groups made less money in 2025 despite a 47% increase in attacks, driving new tactics: bundled DDoS services, insider recruitment, and gig worker exploitation. Learn the emerging trends defenders must prepare for in 2026.
- Spammers abuse Zendesk to flood inboxes with legitimate-looking emails, but why? (www.malwarebytes.com, 2026-01-23T16:04:08)
Score: 7.777
Spammers are abusing Zendesk to flood inboxes with emails from trusted brands. There’s no phishing or malware—just noise.
- December 2025 CVE Landscape: 22 Critical Vulnerabilities Mark 120% Surge, React2Shell Dominates Threat Activity (www.recordedfuture.com, 2026-01-13T00:00:00)
Score: 7.499
December 2025 saw a 120% surge in critical CVEs, with 22 exploited flaws and React2Shell (CVE-2025-55182) dominating threat activity across Meta’s React framework.
- PurpleBravo’s Targeting of the IT Software Supply Chain (www.recordedfuture.com, 2026-01-21T00:00:00)
Score: 7.332
Discover how PurpleBravo, a North Korean threat group, exploits fake job offers to target software supply chains, using RATs and infostealers like BeaverTail.
- Laughter in the dark: Tales of absurdity from the cyber frontline and what they taught us (www.sophos.com, 2026-01-13T00:00:00)
Score: 7.299
From a quintuple-encryption ransomware attack to zany dark web schemes and AI fails, Sophos X-Ops looks back at some of our favorite weirdest incidents from the last few years – and the serious lessons behind them.
Categories: Threat Research. Tags: Ransomware, Hive, Lockbit, BlackCat, LLM, AI, Money Laundering
- Fake extension crashes browsers to trick users into infecting themselves (www.malwarebytes.com, 2026-01-20T14:40:28)
Score: 7.267
A fake ad blocker crashes your browser, then uses ClickFix tricks to make you run the malware yourself.
- A week in security (January 12 – January 18) (www.malwarebytes.com, 2026-01-19T08:01:00)
Score: 7.054
Last week on Malwarebytes Labs: Stay safe!
- January 2026 Patch Tuesday: 114 CVEs Patched Including 3 Zero-Days (www.crowdstrike.com, 2026-01-13T06:00:00)
Score: 7.04
- Best Ransomware Detection Tools (www.recordedfuture.com, 2026-01-13T00:00:00)
Score: 6.999
Stop ransomware before encryption begins. Learn how intelligence-driven detection tools can help identify precursor behaviors and reduce false positives for faster response.
Top 10 AI / LLM-Related Threats
Generated 2026-01-26T06:00:15.390634+00:00
- Cognitive Control Architecture (CCA): A Lifecycle Supervision Framework for Robustly Aligned AI Agents (arxiv.org, 2026-01-26T05:00:00)
Score: 25.79
arXiv:2512.06716v2 Announce Type: replace-cross
Abstract: Autonomous Large Language Model (LLM) agents exhibit significant vulnerability to Indirect Prompt Injection (IPI) attacks. These attacks hijack agent behavior by polluting external information sources, exploiting fundamental trade-offs between security and functionality in existing defense mechanisms. This leads to malicious and unauthorized tool invocations, diverting agents from their original objectives. The success of complex IPIs re
- SafeThinker: Reasoning about Risk to Deepen Safety Beyond Shallow Alignment (arxiv.org, 2026-01-26T05:00:00)
Score: 17.79
arXiv:2601.16506v1 Announce Type: new
Abstract: Despite the intrinsic risk-awareness of Large Language Models (LLMs), current defenses often result in shallow safety alignment, rendering models vulnerable to disguised attacks (e.g., prefilling) while degrading utility. To bridge this gap, we propose SafeThinker, an adaptive framework that dynamically allocates defensive resources via a lightweight gateway classifier. Based on the gateway's risk assessment, inputs are routed through three d
- From Transactions to Exploits: Automated PoC Synthesis for Real-World DeFi Attacks (arxiv.org, 2026-01-26T05:00:00)
Score: 17.79
arXiv:2601.16681v1 Announce Type: new
Abstract: Blockchain systems are increasingly targeted by on-chain attacks that exploit contract vulnerabilities to extract value rapidly and stealthily, making systematic analysis and reproduction highly challenging. In practice, reproducing such attacks requires manually crafting proofs-of-concept (PoCs), a labor-intensive process that demands substantial expertise and scales poorly. In this work, we present the first automated framework for synthesizing
- LLM Jailbreak Detection for (Almost) Free! (arxiv.org, 2026-01-26T05:00:00)
Score: 17.79
arXiv:2509.14558v2 Announce Type: replace
Abstract: Large language models (LLMs) enhance security through alignment when widely used, but remain susceptible to jailbreak attacks capable of producing inappropriate content. Jailbreak detection methods show promise in mitigating jailbreak attacks through the assistance of other models or multiple model inferences. However, existing methods entail significant computational costs. In this paper, we first present a finding that the difference in outp
- Algorithmic Identity Based on Metaparameters: A Path to Reliability, Auditability, and Traceability (arxiv.org, 2026-01-26T05:00:00)
Score: 17.29
arXiv:2601.16234v1 Announce Type: new
Abstract: The use of algorithms is increasing across various fields such as healthcare, justice, finance, and education. This growth has significantly accelerated with the advent of Artificial Intelligence (AI) technologies based on Large Language Models (LLMs) since 2022. This expansion presents substantial challenges related to accountability, ethics, and transparency. This article explores the potential of the Digital Object Identifier (DOI) to identify
- NOIR: Privacy-Preserving Generation of Code with Open-Source LLMs (arxiv.org, 2026-01-26T05:00:00)
Score: 16.79
arXiv:2601.16354v1 Announce Type: new
Abstract: Although boosting software development performance, large language model (LLM)-powered code generation introduces intellectual property and data security risks rooted in the fact that a service provider (cloud) observes a client's prompts and generated code, which can be proprietary in commercial systems. To mitigate this problem, we propose NOIR, the first framework to protect the client's prompts and generated code from the cloud. NOIR
- LLM Watermark Evasion via Bias Inversion (arxiv.org, 2026-01-26T05:00:00)
Score: 14.79
arXiv:2509.23019v3 Announce Type: replace
Abstract: Watermarking for large language models (LLMs) embeds a statistical signal during generation to enable detection of model-produced text. While watermarking has proven effective in benign settings, its robustness under adversarial evasion remains contested. To advance a rigorous understanding and evaluation of such vulnerabilities, we propose the Bias-Inversion Rewriting Attack (BIRA), which is theoretically motivated and model-agnostic.
- Bridging Expert Reasoning and LLM Detection: A Knowledge-Driven Framework for Malicious Packages (arxiv.org, 2026-01-26T05:00:00)
Score: 14.49
arXiv:2601.16458v1 Announce Type: cross
Abstract: Open-source ecosystems such as NPM and PyPI are increasingly targeted by supply chain attacks, yet existing detection methods either depend on fragile handcrafted rules or data-driven features that fail to capture evolving attack semantics. We present IntelGuard, a retrieval-augmented generation (RAG) based framework that integrates expert analytical reasoning into automated malicious package detection. IntelGuard constructs a structured knowled
- The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time (unit42.paloaltonetworks.com, 2026-01-22T11:00:22)
Score: 12.897
We discuss a novel AI-augmented attack method where malicious webpages use LLM services to generate dynamic code in real-time within a browser.
- ProveRAG: Provenance-Driven Vulnerability Analysis with Automated Retrieval-Augmented LLMs (arxiv.org, 2026-01-26T05:00:00)
Score: 12.49
arXiv:2410.17406v3 Announce Type: replace
Abstract: In cybersecurity, security analysts constantly face the challenge of mitigating newly discovered vulnerabilities in real-time, with over 300,000 vulnerabilities identified since 1999. The sheer volume of known vulnerabilities complicates the detection of patterns for unknown threats. While LLMs can assist, they often hallucinate and lack alignment with recent threats. Over 40,000 vulnerabilities have been identified in 2024 alone, which are in
- Introducing the Generative Application Firewall (GAF) (arxiv.org, 2026-01-26T05:00:00)
Score: 12.49
arXiv:2601.15824v2 Announce Type: replace
Abstract: This paper introduces the Generative Application Firewall (GAF), a new architectural layer for securing LLM applications. Existing defenses — prompt filters, guardrails, and data-masking — remain fragmented; GAF unifies them into a single enforcement point, much like a WAF coordinates defenses for web traffic, while also covering autonomous agents and their tool interactions.
- Provable Differentially Private Computation of the Cross-Attention Mechanism (arxiv.org, 2026-01-26T05:00:00)
Score: 11.99
arXiv:2407.14717v3 Announce Type: replace-cross
Abstract: Cross-attention has emerged as a cornerstone module in modern artificial intelligence, underpinning critical applications such as retrieval-augmented generation (RAG), system prompting, and guided stable diffusion. However, there is a rising concern about securing the privacy of cross-attention, as the underlying key and value matrices frequently encode sensitive data or private user information. In this work, we introduce a novel data st
- Cutting the Gordian Knot: Detecting Malicious PyPI Packages via a Knowledge-Mining Framework (arxiv.org, 2026-01-26T05:00:00)
Score: 11.79
arXiv:2601.16463v1 Announce Type: new
Abstract: The Python Package Index (PyPI) has become a target for malicious actors, yet existing detection tools generate false positive rates of 15-30%, incorrectly flagging one-third of legitimate packages as malicious. This problem arises because current tools rely on simple syntactic rules rather than semantic understanding, failing to distinguish between identical API calls serving legitimate versus malicious purposes. To address this challenge, we pro
- Secure Intellicise Wireless Network: Agentic AI for Coverless Semantic Steganography Communication (arxiv.org, 2026-01-26T05:00:00)
Score: 11.49
arXiv:2601.16472v1 Announce Type: new
Abstract: Semantic Communication (SemCom), leveraging its significant advantages in transmission efficiency and reliability, has emerged as a core technology for constructing future intellicise (intelligent and concise) wireless networks. However, intelligent attacks represented by semantic eavesdropping pose severe challenges to the security of SemCom. To address this challenge, Semantic Steganographic Communication (SemSteCom) achieves “invisible
- How Palo Alto Networks enhanced device security infra log analysis with Amazon Bedrock (aws.amazon.com, 2026-01-16T15:46:36)
Score: 11.116
Palo Alto Networks’ Device Security team wanted to detect early warning signs of potential production issues to provide more time to SMEs to react to these emerging problems. They partnered with the AWS Generative AI Innovation Center (GenAIIC) to develop an automated log classification pipeline powered by Amazon Bedrock. In this post, we discuss how Amazon Bedrock, through Anthropic’s Claude Haiku model, and Amazon Titan Text Embeddings work together to automatically classify and analyze log d
- Introducing multimodal retrieval for Amazon Bedrock Knowledge Bases (aws.amazon.com, 2026-01-20T18:22:25)
Score: 11.094
In this post, we'll guide you through building multimodal RAG applications. You'll learn how multimodal knowledge bases work, how to choose the right processing strategy based on your content type, and how to configure and implement multimodal retrieval using both the console and code examples.
- DSSmoothing: Toward Certified Dataset Ownership Verification for Pre-trained Language Models via Dual-Space Smoothing (arxiv.org, 2026-01-26T05:00:00)
Score: 10.79
arXiv:2510.15303v2 Announce Type: replace
Abstract: Large web-scale datasets have driven the rapid advancement of pre-trained language models (PLMs), but unauthorized data usage has raised serious copyright concerns. Existing dataset ownership verification (DOV) methods typically assume that watermarks remain stable during inference; however, this assumption often fails under natural noise and adversary-crafted perturbations. We propose the first certified dataset ownership verification method
- From Signals to Strategy: What Security Teams Must Prepare for in 2026 (www.rapid7.com, 2026-01-22T15:29:36)
Score: 10.642
The 2026 Security Predictions webinar reinforced a simple but uncomfortable truth. The forces shaping cyber risk are not new, but they are converging faster and with greater impact than many organizations are ready for. Geopolitics, insider risk, and threat intelligence have long influenced cyber operations. What has changed is the extent to which they directly affect everyday security decisions. Geopolitical risk is now an operational concern. Cyber operations have always reflected geopolitical
- How PDI built an enterprise-grade RAG system for AI applications with AWS (aws.amazon.com, 2026-01-22T17:11:47)
Score: 9.559
PDI Technologies is a global leader in the convenience retail and petroleum wholesale industries. In this post, we walk through the PDI Intelligence Query (PDIQ) process flow and architecture, focusing on the implementation details and the business outcomes it has helped PDI achieve.
- FC-GUARD: Enabling Anonymous yet Compliant Fiat-to-Cryptocurrency Exchanges (arxiv.org, 2026-01-26T05:00:00)
Score: 9.49
arXiv:2601.16298v1 Announce Type: new
Abstract: With the rise of decentralized finance, fiat-to-cryptocurrency exchange platforms have become popular entry points into the cryptocurrency ecosystem. However, these platforms frequently fail to ensure adequate privacy protection, as evidenced by real-world breaches that exposed personally identifiable information (PII) and crypto addresses. Such leaks enable adversaries to link real-world identities to cryptocurrency transactions, undermining the
- DeMark: A Query-Free Black-Box Attack on Deepfake Watermarking Defenses (arxiv.org, 2026-01-26T05:00:00)
Score: 9.49
arXiv:2601.16473v1 Announce Type: new
Abstract: The rapid proliferation of realistic deepfakes has raised urgent concerns over their misuse, motivating the use of defensive watermarks in synthetic images for reliable detection and provenance tracking. However, this defense paradigm assumes such watermarks are inherently resistant to removal. We challenge this assumption with DeMark, a query-free black-box attack framework that targets defensive image watermarking schemes for deepfakes. DeMark e
- A High Performance and Efficient Post-Quantum Crypto-Processor for FrodoKEM (arxiv.org, 2026-01-26T05:00:00)
Score: 9.49
arXiv:2601.16500v1 Announce Type: new
Abstract: FrodoKEM is a lattice-based post-quantum key encapsulation mechanism (KEM). It has been considered for standardization by the International Organization for Standardization (ISO) due to its robust security profile. However, its hardware implementation exhibits a weakness of high latency and heavy resource burden, hindering its practical application. Moreover, diverse usage scenarios call for comprehensive functionality. To address these challenges
- Malicious Google Calendar invites could expose private data (www.malwarebytes.com, 2026-01-21T12:32:31)
Score: 9.074
Researchers showed how prompt injection hidden in a calendar invite can bypass privacy controls and turn an AI assistant into a data-leaking accomplice.
- Metasploit Wrap-Up 01/23/2026 (www.rapid7.com, 2026-01-23T21:00:28)
Score: 8.935
Oracle E-Business Suite Unauth RCE: This week, we are pleased to announce the addition of a module that exploits CVE-2025-61882, a pre-authentication remote code execution vulnerability in Oracle E-Business Suite versions 12.2.3 through 12.2.14. The exploit chains multiple flaws—including SSRF, path traversal, HTTP request smuggling, and XSLT injection—to coerce the target into fetching and executing a malicious XSL file hosted by the attacker. Successful exploitation results in arbitrary command
- Phishers Abuse SharePoint in New Campaign Targeting Energy Sector (www.securityweek.com, 2026-01-23T13:19:11)
Score: 8.858
Threat actors are leveraging the file-sharing service for payload delivery in AitM phishing and BEC attacks.
Auto-generated 2026-01-26
